Sun Labs ECC/TLS Test Server

This page will allow you to start an SSL web server with elliptic curve cryptography. Use the form below to select the options for your server.

Server:

SSL version:

Certificate: signed by

Client authentication:
(For now, this feature only works with NSS and OpenSSL. The client will need
to furnish one of the client certificates included in MS_Client_certs.zip.)

Cipher suites:

ECDHE named curve:

Password:

A password is required to prevent denial of service attacks on this publicly-available test service. To obtain a password, email ecc-sunlabs-support "at" sun dot com.

Notes:

ECDH_RSA cipher suites currently do not work in OpenSSL.
ECDH_anon cipher suites are not supported by NSS.
ECDHE named curve selection is not supported in the version of NSS used here and is hard-coded to secp256r1. Newer versions of NSS have the ability select a curve automatically based on the negotiated encryption algorithm and the client capabilities advertised in the ClientHello extensions.
ECDHE named curve selection in JSSE is negotiated via TLS ECC extensions. It defaults to secp192r1 if the client does not send extensions. The value specified on this form is ignored.
SSLv2 is not supported by JSSE.
This application provides no validity testing regarding certificate/cipher suite combinations. The user must ensure that a valid combination is chosen.
If you choose a dsa1024 certificate, you must choose dsa1024 for "signed by". This option was added to test interoperability of DHE-DSS ciphers and is only supported for OpenSSL s_server as the Server choice.

Questions/Comments: ecc-sunlabs-support "at" sun dot com (Last update: Aug 15, 2006, 5:45pm PDT)

all ECC ciphers
ECDH_ECDSA_WITH_NULL_SHA
ECDH_ECDSA_WITH_RC4_128_SHA
ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
ECDH_ECDSA_WITH_AES_128_CBC_SHA
ECDH_ECDSA_WITH_AES_256_CBC_SHA
ECDHE_ECDSA_WITH_NULL_SHA
ECDHE_ECDSA_WITH_RC4_128_SHA
ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
ECDHE_ECDSA_WITH_AES_128_CBC_SHA
ECDHE_ECDSA_WITH_AES_256_CBC_SHA
ECDH_RSA_WITH_NULL_SHA
ECDH_RSA_WITH_RC4_128_SHA
ECDH_RSA_WITH_3DES_EDE_CBC_SHA
ECDH_RSA_WITH_AES_128_CBC_SHA
ECDH_RSA_WITH_AES_256_CBC_SHA
ECDHE_RSA_WITH_NULL_SHA
ECDHE_RSA_WITH_RC4_128_SHA
ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
ECDHE_RSA_WITH_AES_128_CBC_SHA
ECDHE_RSA_WITH_AES_256_CBC_SHA
ECDH_anon_WITH_NULL_SHA
ECDH_anon_WITH_RC4_128_SHA
ECDH_anon_WITH_3DES_EDE_CBC_SHA
ECDH_anon_WITH_AES_128_CBC_SHA
ECDH_anon_WITH_AES_256_CBC_SHA
RC4_SHA (RSA)
NULL_SHA (RSA)
NULL_MD5 (RSA)
DHE_DSS_WITH_AES_128_CBC_SHA